Access to a company’s systems and applications must be properly approved and monitored to provide the highest levels of confidentiality, availability and integrity. An access management policy can help provide overall guidance for the consistent granting, monitoring and removal of user access to the system environment. This tool contains four sample policies that define procedures for ensuring that access to all systems and applications is properly approved and monitored.
In these samples, access must be granted using approved and established role-based security, roles are well-defined and documented, and changes to access roles must follow the approval requirements.
Policies & Procedures